Vulnerability Description
An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. Attackers can bypass the CLI menu.
CVSS Score
6.2
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rittal | Cmciii-Pu-9333E0Fb Firmware | <= 3.17.10 |
| Rittal | Cmciii-Pu-9333E0Fb | - |
| Rittal | Pdu-3C002Dec Firmware | <= 5.17.10 |
| Rittal | Pdu-3C002Dec | - |
| Rittal | Cmc Iii Pu 7030.000 Firmware | <= 3.15.70_4 |
| Rittal | Cmc Iii Pu 7030.000 | - |
| Rittal | Lcp-Cw Firmware | <= 3.15.70_4 |
| Rittal | Lcp-Cw | - |
| Rittal | Iot Interface 3124.300 | <= 6.17.00 |
References
- https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-ExploitThird Party Advisory
- https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-ExploitThird Party Advisory
FAQ
What is CVE-2020-11952?
CVE-2020-11952 is a vulnerability with a CVSS score of 6.2 (MEDIUM). An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. Attackers can bypass the CLI menu.
How severe is CVE-2020-11952?
CVE-2020-11952 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11952?
Check the references section above for vendor advisories and patch information. Affected products include: Rittal Cmciii-Pu-9333E0Fb Firmware, Rittal Cmciii-Pu-9333E0Fb, Rittal Pdu-3C002Dec Firmware, Rittal Pdu-3C002Dec, Rittal Cmc Iii Pu 7030.000 Firmware.